Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Formalms Exposed Installation

By kannthu

Vidoc logoVidoc Module

What is the "Formalms Exposed Installation" module?

The "Formalms Exposed Installation" module is designed to detect misconfigurations in the Formalms software. Formalms is a learning management system (LMS) used for online education and training. This module focuses on identifying instances where the installation process of Formalms is exposed to potential security risks.

This module has a high severity level, indicating that the identified misconfigurations can pose significant security threats if left unaddressed.

Author: princechaddha


If the Formalms installation is exposed, it can provide attackers with unauthorized access to sensitive information or allow them to manipulate the system. This can lead to data breaches, unauthorized modifications, and potential disruption of the learning management system.

How does the module work?

The "Formalms Exposed Installation" module works by sending HTTP requests to specific paths within the target system. It then applies matching conditions to determine if the installation process is exposed.

One example of a matching condition is checking for specific HTML elements in the response body, such as the presence of "<title>forma.lms installer</title>" and "<h1>forma.lms - Installation</h1>". If these elements are found, it indicates that the installation process is accessible.

The module also verifies the HTTP response status code, ensuring that it is 200 (OK) to confirm the availability of the installation page.

By combining these matching conditions, the module can accurately identify instances where the Formalms installation is exposed.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>forma.lms installer</title>, <h1>...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability